(54) Distributed remote management method for computer equipment

(57) A distributed remote management method for computer equipment is provided for automatically detecting a modification, when setting information is altered due to carelessness or the like, and performing restoration of the setting information or notification to an administrator according to a predetermined policy, to thereby maintain an appropriate condition. A policy management operation section (21) delivers setting data (31, 43) and policy data (32, 44) input by an administrator from an operation terminal (1) to a policy database (3) and to computer equipment to be managed (4) for storage. A policy application operation section (42) activated at regular intervals reads out the setting data (43) and the setting information (46) for comparison. As a result of this comparison, if a disagreed item is found, a corrective action held in the policy data (44) is read out with regard to the disagreed item, and a countermeasure according to a definition in the corrective action is executed. The setting information is maintained by means of such distributed processing.
Description

BACKGROUND OF THE INVENTION

Field of the Invention

[0001] The present invention relates to a distributed remote management method for computer equipment for managing and maintaining the setting information of computer equipment based on a previously defined policy.

[0002] This application is based on Japanese Patent Application No. Hei 11-262573 (Unpublished), the contents of which are incorporated herein by reference.

Description of the Related Art

[0003] Recently, the importance of computer networks in industries is increasing, and the number of computers connected to networks is also increasing. In such intra-organization computer networks, there are data showing that management expenses are overwhelmingly larger than the cost of the computer equipment itself. Accordingly, there is a demand for a technique which can efficiently manage a plurality of computers connected to a network at a low cost. Moreover, in view of controlling security, it is important to maintain the consistency of the settings of the various equipment connected to the network by means of centralized control.

[0004] In such a situation, unified management of the various setting information of the respective computer equipment through the medium of the network provides a large advantage in cost. As a result, tools for performing unified management have already been put to practical use and utilized. Moreover, as for the security aspect, an apparatus has been invented which manages and maintains network security by preparing a security policy in an open distributed environment, as disclosed, for example, in Japanese Unexamined Patent Application, First Publication No. Hei 7-141296.

[0005] As described above, techniques which can perform unified management of the setting information of computer equipment over a whole network have been provided, and an overall administrator who oversees the whole network receives a benefit from these techniques. On the other hand, since it is also possible to set the respective computer equipment individually, there may be a case where individual administrators of the computer equipment make an inappropriate setting due to carelessness, or a case where an attacker being a third party changes the setting maliciously.

[0006] That is to say, it is important that the setting information under unified management always coincides with the information set in the actual computer equipment. Nevertheless, with the related art, it is not possible to appropriately cope with disagreement which may arise in the above described situation.



SUMMARY OF THE INVENTION

[0007] In view of the above situation, it is an object of the present invention to provide a distributed remote management method for computer equipment in which not only is setting of the computer equipment to be managed performed, but also the above described disagreement is detected by a function provided in the computer equipment to be managed itself, to thereby automatically perform an appropriate countermeasure, so that as a result the setting information is maintained in an appropriate condition.

[0008] To solve the above problem, with the present invention, a policy management operation section or the like in a management server connected to the network collectively holds and manages specified values (setting data) related to the setting information and the countermeasures (policy data). That is, since these specified values and countermeasures are uniformly managed on the management server side, it becomes possible for an administrator to input and edit these on an operation terminal operated by the administrator. As a result, the computer equipment to be managed connected to the network can be efficiently controlled collectively, enabling a decrease in management expenses.

[0009] Moreover, the above described specified values are held in the computer equipment to be managed, and compared with the set values actually set as the setting information of the computer equipment to be managed. Then, detection of disagreement between the specified value and the set value is made. Moreover, if there is disagreement between these, a policy in the countermeasure specified in advance and held on the computer equipment to be managed is referred to, and a corresponding corrective action is automatically executed for each item in which disagreement is detected.

[0010] Accordingly, it is possible to detect a situation where the setting information on the computer equipment to be managed is altered and disagrees with the specified value, due to carelessness of an administrator of the individual computer equipment to be managed, or the malicious intention of an attacker being a third party. Hence, suitable action can be taken, such as automatic restoration of the setting information or notification to the administrator by means of automatic mail transmission or the like, depending on the corrective action specified in the countermeasures. As a result, it becomes possible to maintain the setting information of the whole system as per the intention of the administrator, thereby enabling protection against attacks from an attacker or the like.

[0011] In addition, the specified values, the countermeasures, and the setting information are all held in the computer equipment to be managed, and the processing for applying the policy is executed on the computer equipment to be managed. Therefore, in the course of this processing, the imposition of a burden on the network resources due to the flow of the data of the specified values, the countermeasures, and the setting information can be avoided.

BRIEF DESCRIPTION OF THE DRAWINGS

[0012]

FIG. 1 is a block diagram showing a construction for realizing a structure for setting information management according to one embodiment of the present invention.

FIG. 2 is a flow chart showing the processing of a policy management operation section according to the embodiment.

FIG. 3 is a flow chart showing the processing of a policy application operation section according to the embodiment.

FIG. 4 is a diagram showing an example of a data structure for setting data according to the embodiment.

FIG. 5 is a diagram showing an example of a data structure for policy data according to the embodiment.

DESCRIPTION OF THE PREFERRED EMBODIMENT

[0013] One embodiment of the present invention will now be described with reference to the drawings. FIG. 1 is a block diagram showing a construction of a policy manager (management server) and computer equipment to be managed according to the embodiment of the present invention. In this figure, reference symbol 1 denotes an operation terminal for performing input and editing of setting information, 2 denotes a policy manager, 3 denotes a policy database managed by the policy manager 2, and 4 denotes computer equipment to be managed.

[0014] The policy manager 2 is provided with a policy management operation section 21 and a communication operation section 22. Setting data 31 (specified values) of the computer equipment to be managed 4 and policy data 32 (countermeasures), input from the operation terminal 1 by an administrator, are notified from the policy management operation section 21 to the policy database 3. The policy database 3 holds these setting data 31 and policy data 32.

[0015] In the computer equipment to be managed 4, reference symbol 41 denotes a communication operation section, 42 denotes a policy application operation section (management unit), and 45 denotes a timer. Moreover, 43 denotes setting data (specified values) and 44 denotes policy data (countermeasures); these setting data 43 and policy data 44 are transferred from the policy management operation section 21 via the communication operation section 22 and the communication operation section 41 to the policy application operation section 42, and written in a memory (not shown). The contents of the setting data 43 and the policy data 44 will be described later.

[0016] Moreover, 46 denotes setting information. The setting information is set by the policy application operation section 42 based on the setting data 43, and when the computer equipment to be managed 4 actually operates, the set values written in the setting information 46 are referred to.

[0017] In FIG. 1, only one computer equipment to be managed 4 is shown, but there may be any number of computer equipment to be managed 4.

[0018] Next, the operating procedure in this embodiment will be described. FIG. 2 is a flow chart showing a procedure for setting the setting data 43 and the policy data 44.

[0019] At first, in step S101 in FIG. 2, an administrator inputs the setting data (that is, the values to be set) and the policy data (that is, the countermeasures to be taken when incorrect data is detected in each item), for each computer equipment to be managed and each item of setting information, through the operation terminal 1.

[0020] Next, in step S102, the policy management operation section 21 in the policy manager 2 receives the input setting data and policy data, and in step S103 records these data on the policy database 3 as the setting data 31 and the policy data 32.

[0021] Then, in step S104, the policy management operation section 21 notifies the above described setting data and policy data, via the communication operation section 22 and the communication operation section 41, to the policy application operation section 42 in the computer equipment to be managed 4 to which the setting data and policy data are applied.

[0022] In step S105, the policy application operation section 42, which has received these data, writes these data to a memory provided in the computer equipment to be managed 4 itself, and holds these data in the memory as the setting data 43 and policy data 44.

[0023] FIG. 4 shows an example of the information contents held as the setting data 31 and the setting data 43. As shown in FIG. 4, in this example, the encryption method used when the computer equipment to be managed 4 (equipment to be managed R1) communicates with other computer equipment to be managed (equipment to be managed R2) is "DES" (Data Encryption Standard), the cryptographic key length is "56", the authentication method is "MD5", and the communication bandwidth is "7 Mbps" (7 megabits per second). In addition to these items of setting information, specified values of the setting information required by the OS (Operating System) installed on the computer equipment to be managed 4, or by the network function, are included in the setting data.

[0024] Moreover, FIG. 5 shows an example of the information contents held as the policy data 32 and the policy data 44. As shown in FIG. 5, each item name of the policy data corresponds to a setting information name of the setting data shown in FIG. 4. The countermeasure (corrective action) to be taken when an incorrect setting is detected by means of a check described later is held for each setting information name.

[0025] In this example, the corrective action is decided such that when disagreement is found between the specified value to be set and the actually set value, the specified value is set by means of overwrite, respectively, with regard to the encryption method used between equipment to be managed R1 and equipment to be managed R2, the cryptographic key length used between equipment to be managed R1 and equipment to be managed R2, and the authentication method used between equipment to be managed R1 and equipment to be managed R2. Furthermore, the corrective action is decided for the communication bandwidth such that when disagreement is found in the communication bandwidth used between equipment to be managed R1 and equipment to be managed R2, this is notified by e-mail to the mail address "admin@nec.co.jp".

[0026] Next, a description is given of a procedure for monitoring the setting of the computer equipment to be managed 4 and executing the processing based on the policy, using the setting data 43 and the policy data 44 whose contents are held as shown in the figures, in accordance with the above described method. FIG. 3 is a flow chart showing a procedure for the monitoring processing by the policy application operation section 42.

[0027] The policy application operation section 42 receives a notification from the timer 45 when a predetermined time has passed after completion of the former processing. Therefore, the policy application operation section 42 first checks whether the predetermined time has already passed or not, in step S201 in FIG. 3. If the predetermined time has not passed yet, the policy application operation section 42 repeats the processing of step S201, while on the other hand, if the predetermined time has already passed, the policy application operation section 42 shifts the processing to the next step S202.

[0028] After the above described predetermined time has passed, the policy application operation section 42 reads out the setting information 46 in step S202. Then, the policy application operation section 42 reads out the setting data 43 in step S203, and compares the set value in the setting information 46 with the specified value in the setting data 43, with regard to the respective setting items.

[0029] As a result of the comparison, if disagreement is not found between these, the processing proceeds to step S205 to complete the processing. On the other hand, if any disagreement is found between these, the processing proceeds to step S204 to read the policy data 44. Then, according to the countermeasure written in the policy data 44, the countermeasure is executed with respect to the information item where disagreement has been found.

[0030] For example, it is assumed that the "cryptographic key length with R2" defined in the setting information 46 is not "56" as defined in the setting data 43 shown in FIG. 4, but has been altered to "128" for some reason or other. In this case, the policy application operation section 42 reads out the information related to the "cryptographic key length with R2" defined in the policy data 44 shown in FIG. 5, and rewrites the "cryptographic key length with R2" set as the setting information 46 to "56", in accordance with "overwrite" being the predetermined countermeasure.

[0031] In this manner, if the corrective action is "overwrite", even if the setting information 46 has been altered due to carelessness or a malicious intention, the policy application operation section 42 resets it using the specified value. Hence the setting as per the intention of the administrator can be maintained.

[0032] For example, it is also assumed that the "communication bandwidth with R2" set in the setting information 46 is not "7 Mbps" as defined in the setting data 43 shown in FIG. 4, but has been altered to "5 Mbps" for some reason or other. In this case, the policy application operation section 42 reads out the information related to the "communication bandwidth with R2" defined in the policy data 44, and in accordance with "mailto:admin@nec.co.jp" being the predetermined countermeasure, sends mail reporting that disagreement has been detected to this address.

[0033] In the example shown in FIG. 5, one corrective action is defined for one information item, but a plurality of corrective actions may be taken. For example, both correction of the setting value by means of "overwrite" and mail transmission by means of "mailto: ...." may be executed.

[0034] Then, after the above described series of processing has been completed in step S205, regardless of whether disagreement is found or not in step S203, the policy application operation section 42 again waits for the notification of the passing of the predetermined time from the timer 45. As a result, it becomes possible to monitor the setting information not only at a certain point of time but also continuously, to thereby obtain an effect of improvement in security or the like.
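The monitoring pass of steps S201 to S205, with the FIG. 4 setting data and FIG. 5 policy data as the text describes them, written out as an added Python model; this is not code from the patent. The mail transmission is replaced by an in-memory outbox and the timer 45 by an injectable wait function (both assumptions so it runs offline), and each item may carry a list of countermeasures, as [0033] permits.

```python
"""Added model of the policy application operation section (42); not the patent's code.

Setting data 43 and policy data 44 follow the FIG. 4 / FIG. 5 examples as the
text describes them. Mail transmission and the timer are stand-ins (assumptions).
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple

# Setting data 43 (specified values), the FIG. 4 example.
SETTING_DATA: Dict[str, str] = {
    "encryption method with R2": "DES",
    "cryptographic key length with R2": "56",
    "authentication method with R2": "MD5",
    "communication bandwidth with R2": "7 Mbps",
}

# Policy data 44 (countermeasures), the FIG. 5 example. Each item carries a
# list so that several corrective actions may be defined ([0033], claim 3).
POLICY_DATA: Dict[str, List[str]] = {
    "encryption method with R2": ["overwrite"],
    "cryptographic key length with R2": ["overwrite"],
    "authentication method with R2": ["overwrite"],
    "communication bandwidth with R2": ["mailto:admin@nec.co.jp"],
}


@dataclass
class Equipment:
    """Computer equipment to be managed (4): holds setting information 46."""
    setting_information: Dict[str, str]
    # Constructed stand-in for mail transmission: (address, report) pairs.
    outbox: List[Tuple[str, str]] = field(default_factory=list)


def apply_policy(eq: Equipment,
                 setting_data: Dict[str, str],
                 policy_data: Dict[str, List[str]]) -> List[Tuple[str, str]]:
    """One monitoring pass, steps S202 to S205.

    Returns the (item, countermeasure) pairs executed, in order. An item that
    is missing from the setting information counts as disagreement.
    """
    executed: List[Tuple[str, str]] = []
    for item, specified in setting_data.items():          # S203: read 43
        actual = eq.setting_information.get(item)          # S202: read 46
        if actual == specified:                            # agreement
            continue
        for action in policy_data.get(item, []):           # S204: read 44
            if action == "overwrite":
                eq.setting_information[item] = specified   # restore
            elif action.startswith("mailto:"):
                report = (f"disagreement in '{item}': set value "
                          f"'{actual}', specified value '{specified}'")
                eq.outbox.append((action[len("mailto:"):], report))
            else:
                # Unknown countermeasure: record it and keep going, so one
                # bad policy entry does not stop restoration of other items.
                executed.append((item, f"unsupported:{action}"))
                continue
            executed.append((item, action))
    return executed                                        # S205


def monitor(eq: Equipment, cycles: int,
            wait: Callable[[], None] = lambda: None) -> List[List[Tuple[str, str]]]:
    """Timer 45 loop (S201): wait, run one pass, repeat for `cycles` passes.

    `wait` stands in for the timer notification (e.g. a partial of time.sleep);
    the default returns at once so the example runs instantly.
    """
    log: List[List[Tuple[str, str]]] = []
    for _ in range(cycles):
        wait()                                             # predetermined time
        log.append(apply_policy(eq, SETTING_DATA, POLICY_DATA))
    return log


if __name__ == "__main__":
    # Constructed tampered state from [0030] and [0032]: key length 128, bandwidth 5 Mbps.
    r1 = Equipment({**SETTING_DATA, "cryptographic key length with R2": "128",
                    "communication bandwidth with R2": "5 Mbps"})
    for n, actions in enumerate(monitor(r1, cycles=2), 1):
        print(f"pass {n}: {actions}")
    print(r1.setting_information, r1.outbox)
```

Note that a "mailto:" countermeasure alone leaves the altered value in place, so the same disagreement is reported again on every pass until the administrator acts.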
[0035] Here, the above described policy management operation section 21 and policy application operation section 42 can be realized as a function of a computer program. This computer program is recorded on a recording medium used by the computer system, and the computer reads out and executes this program, to thereby perform the processing by the above described respective operation sections.

[0036] That is to say, the computer program recorded on the recording medium is loaded into a main memory (not shown) on the computer equipment to be managed 4, and a central processing unit (not shown) on the computer equipment to be managed 4 executes the instructions described in the computer program one by one.

[0037] The process in which the computer reads out the computer program includes reading it out via the communication network. The recording medium used by the computer system is a floppy disk, a magneto-optical disk, a CD-ROM (Compact Disc Read Only Memory), a magnetic hard disk, a semiconductor memory or the like, but the recording medium is not limited thereto.

[0038] As described above, according to this embodiment, specified values related to the setting information are held in the setting data 43 of the computer equipment to be managed 4, and these specified values are regularly compared with the set values actually set in the setting information 46 of the computer equipment to be managed 4. Hence, even if the setting information on the computer equipment to be managed side has been altered, due to carelessness of an administrator of the individual computer equipment to be managed or the malicious intention of an attacker being a third party, so as to cause disagreement between the above described specified value and the set value, such an alteration of the setting information can be detected.

[0039] Moreover, when disagreement is detected, the policy in the countermeasure specified in advance and held in the computer equipment to be managed 4 as the policy data 44 is referred to, and the corresponding corrective action is automatically taken. Hence, it becomes possible to take appropriate action according to the specified corrective action, such as automatic restoration of the setting information, or notification by means of automatic mail transmission to an administrator or the like. As a result, the setting information of the whole system can be maintained as per the intention of the administrator, thereby enabling prevention against an attack from an attacker.

[0040] Furthermore, the above described setting data 43, policy data 44 and setting information 46 are all held in the computer equipment to be managed 4, and the processing performed by the policy application operation section 42 is also executed on the computer equipment to be managed 4. Hence the flow of these data on the network due to this processing, and the resultant imposition of a burden on the network resources, can be avoided.

[0041] The setting data 31, 43 and the policy data 32, 44 are also uniformly managed by the policy management operation section 21, enabling input and editing on the operation terminal 1. Hence, it becomes possible to collectively manage the computer equipment connected to the network efficiently, enabling a decrease in management expenses.

[0042] In addition, the computer equipment to be managed 4 comprises the timer 45 for performing a timing function. For example, this timing function is associated with the timer program in the above described computer program, thereby enabling repetition of the processing of the above described comparison check at regular intervals. As a result, alteration of the setting information can be monitored continuously.

[0043] This invention may be embodied in other forms or carried out in other ways without departing from the spirit thereof. The present embodiments are therefore to be considered in all respects illustrative and not limiting, and all modifications falling within the meaning and range of equivalency are intended to be embraced therein.

Claims

1. A distributed remote management method for computer equipment for maintaining in an appropriate condition setting information of computer equipment to be managed (4) connected to a network, comprising the steps of:

   a first step for writing in advance specified values (43) of said setting information and countermeasures (44) when disagreement is found between a set value of said setting information and said specified value, in a memory provided in said computer equipment to be managed, based on the information managed by a management server (2) connected to said network;

   a second step in which a management unit provided in said computer equipment to be managed reads out said specified value from said memory;

   a third step in which said management unit reads out a set value (46) actually set as said setting information;

   a fourth step in which said management unit determines whether said specified value agrees with said set value or not;

   a fifth step in which said management unit reads out said countermeasure from said memory, when disagreement is found in said fourth step; and

   a sixth step for executing said countermeasure obtained in said fifth step.

2. A distributed remote management method for computer equipment according to claim 1, wherein a trigger is applied to said management unit by a timer (45) at regular intervals, and said management unit repeatedly executes said second to sixth steps based on this trigger.

3. A distributed remote management method for computer equipment according to claim 1 or 2, wherein

   in said first step, a plurality of said countermeasures are written for each information item of said setting information;

   in said fifth step, said plurality of countermeasures are read out from said memory; and

   in said sixth step, said plurality of countermeasures are executed.

4. A distributed remote management method for computer equipment according to claim 1, 2 or 3, wherein in said sixth step, as said countermeasure, the set value of said setting information is overwritten with said specified value.

5. A distributed remote management method for computer equipment according to claim 1, wherein in said sixth step, as said countermeasure, it is reported to a predetermined address to be notified that disagreement has been found.

6. A computer program product including a computer-readable control program recorded on a computer-usable medium, wherein

   said control program operates on computer equipment to be managed (4), for maintaining in an appropriate condition setting information of said computer equipment to be managed connected to a network, and executes:

   first processing for receiving from a management server (2) connected to said network, and writing in advance to memory, specified values (43) of said setting information, and countermeasures (44) to be carried out against disagreement when disagreement is found between a set value of said setting information and said specified value;

   second processing for reading out said specified value from said memory;

   third processing for reading out a set value (46) actually set as said setting information;

   fourth processing for determining whether said specified value agrees with said set value or not;

   fifth processing for reading out said countermeasure from said memory, when disagreement is found in said fourth processing; and

   sixth processing for executing said countermeasure obtained in said fifth processing.

7. A computer program comprising program code for carrying out the method steps of any one of claims 1 to 5.